fix: auditor feedback - Githubissues

LayerZero-Labs / devtools

LayerZero Developer Utilities

https://docs.layerzero.network/

97 stars 157 forks source link

fix: auditor feedback #907

Closed ryandgoulding closed 1 month ago

ryandgoulding commented 1 month ago

OS-SFT-ADV-00 (LOW): compute_fee_and_adjust_amount incorrectly applies remove_dust to the amount_sent_ld, potentially resulting in the sent amount being less than required.

OS-SFT-SUG-00: Suggestion to utilize saturating math to prevent any possibility of overflows in RateLimiter:refill.

socket-security[bot] commented 1 month ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@layerzerolabs/eslint-config-next@2.3.44	Transitive: environment, filesystem, shell, unsafe	`+59`	37.3 MB	layerzero-bot
npm/@layerzerolabs/lz-definitions@2.3.44	None	`+1`	724 kB	layerzero-bot
npm/@layerzerolabs/lz-evm-messagelib-v2@2.3.44	Transitive: filesystem, network	`+109`	57.5 MB	layerzero-bot
npm/@layerzerolabs/lz-evm-oapp-v1@2.3.44	Transitive: network	`+22`	5.09 MB	layerzero-bot
npm/@layerzerolabs/lz-evm-protocol-v2@2.3.44	None	`0`	624 kB	layerzero-bot
npm/@layerzerolabs/lz-evm-sdk-v1@2.3.44	filesystem	`+1`	322 MB	layerzero-bot
npm/@layerzerolabs/lz-evm-sdk-v2@2.3.44	None	`+1`	955 MB	layerzero-bot
npm/@layerzerolabs/lz-solana-sdk-v2@2.3.44	Transitive: environment, eval, filesystem, network, shell, unsafe	`+175`	49.1 MB	layerzero-bot
npm/@layerzerolabs/lz-solana-sdk-v2@2.3.45-oft-rc.0	Transitive: environment, eval, filesystem, network, shell, unsafe	`+260`	62.5 MB	layerzero-bot
npm/@layerzerolabs/prettier-config-next@2.3.44	Transitive: environment, filesystem	`+34`	831 kB	layerzero-bot
npm/@layerzerolabs/solhint-config@2.3.44	None	`0`	7.36 kB	layerzero-bot
npm/@layerzerolabs/test-devtools-evm-hardhat@0.2.7	None	`0`	179 kB	layerzero-bot
npm/@layerzerolabs/toolbox-hardhat@0.3.7	environment Transitive: filesystem	`+10`	8.76 MB	layerzero-bot
npm/@solana/web3.js@1.95.0	network Transitive: environment, filesystem, shell	`+47`	18.1 MB	lorisleiva
npm/eslint-plugin-jest@27.6.3	filesystem Transitive: environment	`+47`	4.13 MB	simenb
npm/hardhat@2.22.12	environment, filesystem, network, shell Transitive: eval, unsafe	`+178`	35.7 MB	fvictorio
npm/typescript@5.5.3	None	`0`	21.9 MB	typescript-bot

🚮 Removed packages: npm/@layerzerolabs/eslint-config-next@2.3.39, npm/@layerzerolabs/lz-definitions@2.3.39, npm/@layerzerolabs/lz-evm-messagelib-v2@2.3.39, npm/@layerzerolabs/lz-evm-oapp-v1@2.3.39, npm/@layerzerolabs/lz-evm-protocol-v2@2.3.39, npm/@layerzerolabs/lz-evm-sdk-v1@2.3.39, npm/@layerzerolabs/lz-evm-sdk-v2@2.3.39, npm/@layerzerolabs/lz-solana-sdk-v2@2.3.39, npm/@layerzerolabs/prettier-config-next@2.3.39, npm/@layerzerolabs/solhint-config@2.3.39, npm/@rushstack/eslint-patch@1.10.4, npm/@solana/web3.js@1.95.2, npm/chai@4.5.0, npm/eslint-plugin-jest@27.9.0, npm/hardhat@2.22.10, npm/typescript@5.5.4

View full report↗︎